asha kr shwetha d j intel mcafee confidential pnsqc 2015
play

Asha KR Shwetha D J Intel & McAfee Confidential PNSQC 2015 1 - PowerPoint PPT Presentation

Jan 29, 2023 •240 likes •484 views

API Testing Picking The Right Strategy Asha KR Shwetha D J Intel & McAfee Confidential PNSQC 2015 1 Bio Asha KR ,Senior Software QA Engineer at Intel Security, currently working in the Intel Security India Center in Bangalore.

  1. API Testing – Picking The Right Strategy Asha KR Shwetha D J Intel & McAfee Confidential PNSQC 2015 1

  2. Bio Asha KR ,Senior Software QA Engineer at Intel Security, currently working in the Intel Security India Center in Bangalore. Working for the past 5+ years in different QA roles in SaaS products. Asha hold Bachelor of Engineering in E&C from VTU, Karnataka, India. Shwetha DJ ,Software Development Engineer for Test, currently working in the Intel Security India Center in Bangalore. She has been working for the past 1+ years on SaaS products. Shwetha holds Bachelor of Engineering in E&C from VTU, Karnataka, India. PNSQC 2015 2

  3.  Introduction  The Problem  The Solution  The Approach  Results  Conclusion.. PNSQC 2015 3

  4.  About Web services  About Application Programming Interface (API’s)  What is API testing  API testing in project architecture  Steps involved in API testing PNSQC 2015 4

  5. PNSQC 2015 5

  6. PNSQC 2015 6

  7. Crucial integration Time constraint in Testing releases Manual effort UI failure maintaining product PNSQC 2015 7

  8. The Solution  API Testing - Manual  WCF Test Client  Soap UI  API Testing - Automation  Soap UI  Microsoft Web Test  Using Programming Language PNSQC 2015 8

  9. WCF Client  Windows Communication Foundation  Microsoft .NET framework and user friendly  Give input, invoke method and analyze results  Advantages  Interoperability  Security and Reliability  Disadvantages  Pending requests aborted when closed  Automatically generated values and cumbersome to use PNSQC 2015 9

  10. WCF Client PNSQC 2015 10

  11. The Solution – Soap UI  Simple Object Access Protocol  Communicates over HTTP  Suite execution using user interface  Suite triggers from automation build / command prompt  Advantages  Extend HTTP for XML messaging  Platform- and language-independent  Disadvantages  No mention of security facilities.  Do not hold any state references to remote objects PNSQC 2015 11

  12. The Solution – Soap UI PNSQC 2015 12

  13. The Solution – Microsoft Web Test  User performs a set of operations  Good for simpler web services and straightforward functionality  Suitable for performance testing  Advantages  Easy test scripts creation using test recorder  Edit recorded tests to tailor to specific needs  Disadvantages  Not much validation logic can be put into the tests  High Volume tests were not at all executed in the test suite  Maintenance is difficult PNSQC 2015 13

  14. The Solution – Microsoft Web Test PNSQC 2015 14

  15. Current Approach – Testing Framework  Stable automation framework using C#  Simple, object- oriented language  Test Framework PNSQC 2015 15

  16. Current Approach – Testing Framework  Advantages  C# framework is tool independent  Ease-of-development, rich class library, functions  End to End solution with DB validations  Anyone can contribute to the framework  Interoperability  Disadvantages  Depends on .NET framework. Library not found in .NET difficult to implement C # doesn’t come up with open source technologies and operating systems  PNSQC 2015 16

  17. Challenges in API Testing  Parameter Combination, Call Sequencing  No GUI - difficult to provide inputs  Not easy to validate output  Exception handling function PNSQC 2015 17

  18. Stable framework delivered, Every QA had opportunity Quality product to Customer to become a Programmer Deeper insight into the Percentage of early defect product through API Testing detection: 20% PNSQC 2015 18

  19. Automation Test Results 100% automation of smoke test cases 60% automation of functional test cases Automated Test Coverage 120% 100% 80% 60% Test Coverage 40% 20% 0% BVT FVT End to End Test Cases PNSQC 2015 19

  20. API Testing -- Advantages  Much better quality product, ensuring the data access  Simple security compliance testing  Complete functionality allows for easy future expansion of the application  Structured way of testing, makes automation more feasible API Testing -- Disadvantages  No Encryption  Increasing Tooling needs  Straightforward reason for failing API is not known like GUI PNSQC 2015 20

  21. End to End Testing :  Extension of all BVT scenarios to test end to end functionality  Service call for different APIs in a single method  Needs a good coding style and capturing of exact results Integration Testing  Testing of different systems as one  Covering BVT and FVT functionality by considering all system behavior 21 PNSQC 2015

  22. PNSQC 2015 22

  23. PNSQC 2015 23

  24. Intel & McAfee Confidential

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Scrum Adoption in our experience : TGCFO Approach Vadiraj R Thayur PNSQC 2014 Agenda

Scrum Adoption in our experience : TGCFO Approach Vadiraj R Thayur PNSQC 2014 Agenda

Scrum Adoption in our experience : TGCFO Approach Vadiraj R Thayur PNSQC 2014 Agenda Introduction The Problem The Solution The Approach Results Conclusion.. PNSQC 2014 McAfee Confidential Introduction About a

723 views • 17 slides
Smart COM Fuzzing - Auditing IE Sandbox Bypass in COM Objects Xiaoning Li (Intel Labs)

Smart COM Fuzzing - Auditing IE Sandbox Bypass in COM Objects Xiaoning Li (Intel Labs)

Smart COM Fuzzing - Auditing IE Sandbox Bypass in COM Objects Xiaoning Li (Intel Labs) Haifei Li (McAfee Labs) CanSecWest, March 2015, Vancouver About Us: Xiaoning Security Researcher and Architect at Intel Labs DeepSafe,

976 views • 64 slides
Market Design in Display Advertising R. Preston McAfee Yahoo! Research - 1 - Yahoo!

Market Design in Display Advertising R. Preston McAfee Yahoo! Research - 1 - Yahoo!

Market Design in Display Advertising R. Preston McAfee Yahoo! Research - 1 - Yahoo! Confidential Display Advertising Impressions 2 11/2/2009 McAfee: Internet - 2 - Yahoo! Confidential Ad i i Display Advertising Contracts purchased

561 views • 9 slides
Rese sear archer her-Acade cademic mic Town wn Me Meeting ting ASHA / ASHA Journals

Rese sear archer her-Acade cademic mic Town wn Me Meeting ting ASHA / ASHA Journals

ASHA / 2018 Rese sear archer her-Acade cademic mic Town wn Me Meeting ting ASHA / ASHA Journals Awards ASHA / Kawana Award for Lifetime Achievement in Publications Named in the memory of the late Alfred K. Kawana, former director

938 views • 48 slides
C&B approach to suppot diversity & inclusion Intel Confidential We have a commitment to

C&B approach to suppot diversity & inclusion Intel Confidential We have a commitment to

C&B approach to suppot diversity & inclusion Intel Confidential We have a commitment to making Flexibility real for all our employees, what will it take? To create the workplace of tomorrow , Intel needs to introduce flexible

77 views • 7 slides
1 Intel Confidential Do Not Forward Introducing myself: Mirek Walukiewicz Im from Gdansk,

1 Intel Confidential Do Not Forward Introducing myself: Mirek Walukiewicz Im from Gdansk,

1 Intel Confidential Do Not Forward Introducing myself: Mirek Walukiewicz Im from Gdansk, Poland. 27 years in networking industry - 21 years working for Intel Now FPGA Solution architect Areas of interest: Virtualization I like

502 views • 6 slides
Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for

Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for

Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for Maintainability Our contaminants: s k a e l y r o m Failing e M regression tests C r a s h e s Poor repeatability Data corruption s e h

1.55k views • 137 slides
McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect,

McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect,

McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect, Management Platform May 8, 2013 Confidential McAfee Internal Use Only Security Connected Platform NETWORK SECURITY ENDPOINT SECURITY Application

385 views • 15 slides
Thank you to our Official Event Contributing Partner ASHA Corporate Partner 2015

Thank you to our Official Event Contributing Partner ASHA Corporate Partner 2015

Thank you to our Official Event Contributing Partner ASHA Corporate Partner 2015 Researcher-Academic Town Meeting ASHA Journals Awards Kawana Award for Lifetime Achievement in Publications Editors Awards Kawana Award for Lifetime

987 views • 54 slides
SS Concordia | CONFIDENTIAL # Free Speech isnt Free, Unless you are a Bull |

SS Concordia | CONFIDENTIAL # Free Speech isnt Free, Unless you are a Bull |

SS Concordia | CONFIDENTIAL # Free Speech isnt Free, Unless you are a Bull | CONFIDENTIAL # Network Associates / McAfee Loading | CONFIDENTIAL # CONFIDENTIAL Valeant and Concordia (Poor Mans

1.03k views • 50 slides
Research and Clinical Practice ASHA Convention November 22, 2014 11:45 am 1:00 pm Karen

Research and Clinical Practice ASHA Convention November 22, 2014 11:45 am 1:00 pm Karen

Quality Indicators for Integrating Research and Clinical Practice ASHA Convention November 22, 2014 11:45 am 1:00 pm Karen Beverly-Ducker , MA, CCC-A ASHA Director, Multicultural Resources kbeverlyducker@asha.org Diane Paul, PhD, CCC-SLP

606 views • 26 slides
Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum

Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum

Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum Confidential McAfee Internal Use Only Security Testing Confidential McAfee Internal Use Only Cost Impact m suffered a heavy The TJX Company breach, which m

429 views • 20 slides
Welcome to the ASHA Continuing Education Boards (CEB) webinar focused on Required Practice 3.2.

Welcome to the ASHA Continuing Education Boards (CEB) webinar focused on Required Practice 3.2.

Welcome to the ASHA Continuing Education Boards (CEB) webinar focused on Required Practice 3.2. In this module, well take a closer look at what ASHA Approved CE Providers must do to manage conflicts of interest in courses offered for ASHA

519 views • 40 slides
Thank You! Reviewers Moss Drake Roslyn Lindquist

Thank You! Reviewers Moss Drake Roslyn Lindquist

10/17/2011 Designing Process Improvement PNSQC 2011 John Ruberto Thank You! Reviewers Moss Drake Roslyn Lindquist ________________________________________________________________ Excerpt from PNSQC 2011 PNSQC.ORG Copies may not be

446 views • 12 slides
Eileen Crowe Director, State Association Relations ASHA OSHA Conference October 13, 2018

Eileen Crowe Director, State Association Relations ASHA OSHA Conference October 13, 2018

Eileen Crowe Director, State Association Relations ASHA OSHA Conference October 13, 2018 Financial Relationship: ASHA employee Nonfinancial Relationship: None ASHA State Liaisons ASHAs History with Support Personnel ASHA

1.47k views • 84 slides
Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @

Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @

Intel IT OpenStack Practice Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @ Intel Information Technology Intel Confidential Do Not Forward Agenda About Me Intel IT with OpenStack

405 views • 39 slides
A vulnerable program #include <stdlib.h> int main() { void *p = malloc(100); } 2

A vulnerable program #include <stdlib.h> int main() { void *p = malloc(100); } 2

I AGO A TTACKS : W HY THE S YSTEM C ALL API IS A B AD U NTRUSTED RPC I NTERFACE Stephen Checkoway and Hovav Shacham March 19, 2013 1 Monday, April 22, 13 1 A vulnerable program #include <stdlib.h> int main() { void *p = malloc(100);

670 views • 45 slides
context switches/POSIX API 1 Changelog Changes made in this version not seen in fjrst lecture:

context switches/POSIX API 1 Changelog Changes made in this version not seen in fjrst lecture:

context switches/POSIX API 1 Changelog Changes made in this version not seen in fjrst lecture: 24 Jan 2019: wait: return value for WNOHANG when process not done is 0, not -1 1 last time system call fmow in xv6 other exceptions in xv6

1.7k views • 138 slides
Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd

Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd

Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd You can find me at @e0ipso You will learn about JSON API Drupal module Outstanding problems What is it? Whats the status? Still

982 views • 53 slides
User Demonstration November 14, 2018 Disclaimer This presentation was current at the time it was

User Demonstration November 14, 2018 Disclaimer This presentation was current at the time it was

2018 CMS Web Interface Quality Reporting for MIPS Groups and ACOs CMS Web Interface User Demonstration November 14, 2018 Disclaimer This presentation was current at the time it was published or uploaded onto the web. Medicare policy changes

263 views • 12 slides
Deployment API Chris Mays, Principal Engineer, HERE Technologies Micah Noland, Lead Engineer, HERE

Deployment API Chris Mays, Principal Engineer, HERE Technologies Micah Noland, Lead Engineer, HERE

Deployment API Chris Mays, Principal Engineer, HERE Technologies Micah Noland, Lead Engineer, HERE Technologies Problem Statement Goal: Self Service Deployment Problem: DC/OS API has a learning curve docker run settings: Enable

330 views • 7 slides
A new graphics API Deepayan Sarkar Indian Statistical Institute, Delhi DSC 2014 Deepayan Sarkar

A new graphics API Deepayan Sarkar Indian Statistical Institute, Delhi DSC 2014 Deepayan Sarkar

Introduction Examples A new graphics API Deepayan Sarkar Indian Statistical Institute, Delhi DSC 2014 Deepayan Sarkar A new graphics API Introduction Examples Motivation Qt R Bindings (Michael Lawrence, 6 years) qtpaint

463 views • 20 slides
RUN-TIME ATTACK DETECTION IN CRYPTOGRAPHIC APIS Marco Squarcina 1 , joint work with Riccardo

RUN-TIME ATTACK DETECTION IN CRYPTOGRAPHIC APIS Marco Squarcina 1 , joint work with Riccardo

RUN-TIME ATTACK DETECTION IN CRYPTOGRAPHIC APIS Marco Squarcina 1 , joint work with Riccardo Focardi 1 August 23, 2017 1 Universit Ca Foscari Venezia (IT) / Cryptosense (FR) 30th IEEE Computer Security Foundations Symposium (CSF2017) Santa

1.1k views • 46 slides
Towards a Common Java LDAP API Emmanuel Lecharny Apache Directory elecharny@apache.org Ludovic

Towards a Common Java LDAP API Emmanuel Lecharny Apache Directory elecharny@apache.org Ludovic

Towards a Common Java LDAP API Emmanuel Lecharny Apache Directory elecharny@apache.org Ludovic Poitou OpenDS ludovic.poitou@sun.com A poor man's choice: JNDI or JLDAP/Netscape LDAP SDK Good News: Apache Directory Client API OpenDS

678 views • 20 slides

More recommend